godot-development

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to its interaction with external, untrusted Godot project data.
      • Ingestion points: The skill reads external content through Read, Glob, Grep, and mcp__godot__get_debug_output.
      • Boundary markers: Absent. There are no instructions for the agent to distinguish between its own system instructions and natural language instructions that might be embedded in GDScript comments or project documentation.
      • Capability inventory: Includes high-risk operations such as Write, Edit, mcp__godot__launch_editor, and mcp__godot__run_project.
      • Sanitization: None. The agent does not validate or sanitize the content of the files it processes before using them to make decisions or perform actions.
      • Risk: An attacker could provide a Godot project containing a file that, when read by the agent, instructs it to exfiltrate data using the Read tool or to modify system files using the Write tool.
  • COMMAND_EXECUTION (MEDIUM): The skill provides tools for executing local code.
      • Evidence: The tool mcp__godot__run_project executes the Godot engine on the current project directory. If the project has been tampered with or contains malicious GDScript, this results in the execution of arbitrary code within the Godot environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 09:13 PM